Moses Garuba

Intrusion Techniques: Comparative Study of Network Intrusion Detection Systems

Organizations require security systems that are flexible and adaptable in order to combat increasing threats from software vulnerabilities, virus attacks and other malicious code, in addition to internal attacks. Network intrusion detection systems, which are part of the layered defense scheme, must be able to meet these organizational objectives in order to be effective. Although signature based network intrusion detection systems meet several organizational security objectives, heuristic based network intrusion detection systems are able to fully meet the objectives of the organization. Through a comparative theoretical study, this paper analyzes several organizational security objectives in order to determine the network intrusion detection system that effectively meets these objectives. Through conclusive analysis of the study, heuristic based systems are better served to meet the organizational objectives than signature based systems. The analysis was based on which system provided definitive security objectives and offered the flexibility, adaptability, and reduced vulnerability that an organization requires.

Implementation of Artificial Neural Network-Based Tracking Controller for High-Performance Stepper Motor Drives

Two distinct multilayer perception neural networks (NNs) are implemented via laboratory experiment to simultaneously identify and adaptively control the trajectory tracking of a hybrid step motor assumed to operate in a high-performance drives environment. That is, a neural network identifier (NNI) which captures the nonlinear dynamics of the stepper motor drive system (SMDS) over any arbitrary time interval in its range of operation, and a neural network controller (NNC) to provide the necessary control actions as to achieve trajectory tracking of the rotor speed. The exact form of the control law is unknown, and must be estimated by the NNC. Consequently, the NNC is constructed as a nonlinear unknown function depending on the current state of the drive system supplies by the NNI and the reference trajectory we wish the outputs to follow. The two NNs are online trained using dynamic back-propagation algorithm. The composite structure is used as a speed controller for the SMDS. Performance of the composite controller is evaluated through a laboratory experiment. Experimental results show the effectiveness of this approach, and demonstrate the usefulness of the proposed controller in high-performance drives

Hardware implementation of an adaptive network-based fuzzy controller for DC-DC converters

A novel control topology of adaptive network-based fuzzy inference system (ANFIS) for control of the dc-dc converter is developed and presented in this paper. It essentially consists of combining fuzzy inference system and neural networks and implementing within the framework of adaptive networks. The architecture of the ANFIS along with the learning rule, which is used to give an adaptive and learning structure to a fuzzy controller, is also described. The emphasis here is on fuzzy-neural-network control philosophies in designing an intelligent controller for the dc-dc converter that allows the benefits of neural network structure to be realized without sacrificing the intuitive nature of the fuzzy system. Specifically, it permits this type of setup to simultaneously share the benefits of both fuzzy control and neural network capabilities. An experimental test bed is designed and built. The components are tested individually and in various combinations of hardware and software segments. Two categories of tests, namely, load regulation and line regulation, are carried out to evaluate the performance of the proposed control system. Experimental results demonstrate the advantages and flexibilities of ANFIS for the dc-dc converter.

Analysis of DDoS Attacks and an Introduction of a Hybrid Statistical Model to Detect DDoS Attacks on Cloud Computing Environment

Cloud service availability has been one of the major concerns of cloud service providers (CSP), while hosting different cloud based information technology services by managing different resources on the internet. The vulnerability of internet, the distribute nature of cloud computing, various security issues related to cloud computing service models, and clouds main attributes contribute to its susceptibility of security threats associated with cloud service availability. One of the major sophisticated threats that happen to be very difficult and challenging to counter due to its distributed nature and resulted in cloud service disruption is Distributed Denial of Service (DDoS) attacks. Even though there are number of intrusion detection solutions proposed by different research groups, and cloud service providers (CSP) are currently using different detection solutions by promising that their product is well secured, there is no such a perfect solution that prevents the DDoS attack. The characteristics of DDoS attack, i.e., Having different appearance with different scenarios, make it difficult to detect. This paper will review and analyze different existing DDoS detecting techniques against different parameters, discusses their advantage and disadvantages, and propose a hybrid statistical model that could significantly mitigate these attacks and be a better alternative solution for current detection problems.

Research Directions in Quantum Cryptography

Quantum cryptography is an approach to securing communications by applying the phenomena of quantum physics. Unlike traditional classical cryptography, which uses mathematical techniques to restrict eavesdroppers, quantum cryptography is focused on the physics of information. Quantum cryptography provides secure communication, whose security depends only on the validity of quantum theory, i.e., it is guarantied directly by the laws of physics. This is a substantial difference from any classical cryptographic techniques. This article summarizes the current state of quantum cryptography and provides potential extensions of its feasibility as a mechanism for securing existing communication systems

A ubiquitous stable storage for mobile computing devices

Mobile computing devices have become increasingly prevalent as professionals discover the benefits of having their electronic work/data available at all times. Although mobile computing offers these benefits, there are still risks in terms of data reliability and dependability in the event of a device related failure. Often, failure of mobile computing devices occurs before backup and synchronization of mobile data. In this research, we propose an infrastructure of ubiquitous stable storage for mobile computing devices. Our framework is based on wireless Jini technology.

Encryption as an Effective Tool in Reducing Wireless LAN Vulnerabilities

The security of wireless LANs has been a source of concern for businesses and individuals who are aware of its advantages due to its flexibility. With the increase in the use of wireless LANs for enterprises and homes, where information assets are shared continually, security is of the essence. With the increase in e- commerce and e-services, there is the risk of identity and credit card theft. Encryption is seen as a major tool in the line of defense of wireless LANs. This article discusses the various security protocols used in wireless LANs and how effective they are in keeping wireless LANs secure. The risks of using these protocols are outlined and recommendations for securing wireless LANs are reviewed.

A Comparative Analysis of Anti-Malware Software, Patch Management, and Host-Based Firewalls in Preventing Malware Infections on Client Computers

This purpose of this paper is to provide a comparative analysis of three methods used by organizations to prevent malware on client computers. These methods include anti-malware software, patch management, and host-based firewalls. Each method will be briefly described and then compared based on an evaluation of administrative and operational features. This comparative analysis may serve as a useful guide for organizations with limited security budgets and resources looking to invest in a malware prevention solution.

Cloud Computing Vulnerability: DDoS as Its Main Security Threat, and Analysis of IDS as a Solution Model

Cloud computing has emerged as an increasingly popular means of delivering IT-enabled business services and a potential technology resource choice for many private and government organizations in todays rapidly changing computing environment. Consequently, as cloud computing technology, functionality and usability expands unique security vulnerabilities and treats requiring timely attention arise continuously. The primary challenge being providing continuous service availability. This paper will address cloud security vulnerability issues, the threats propagated by a distributed denial of service (DDOS) attack on cloud computing infrastructure and also discuss the means and techniques that could detect and prevent the attacks.

Big Data Analytics for User-Activity Analysis and User-Anomaly Detection in Mobile Wireless Network

The next generation wireless networks are expected to operate in fully automated fashion to meet the burgeoning capacity demand and to serve users with superior quality of experience. Mobile wireless networks can leverage spatio-temporal information about user and network condition to embed the system with end-to-end visibility and intelligence. Big data analytics has emerged as a promising approach to unearth meaningful insights and to build artificially intelligent models with assistance of machine learning tools. Utilizing aforementioned tools and techniques, this paper contributes in two ways. First, we utilize mobile network data (Big Data)—call detail record—to analyze anomalous behavior of mobile wireless network. For anomaly detection purposes, we use unsupervised clustering techniques namely k-means clustering and hierarchical clustering. We compare the detected anomalies with ground truth information to verify their correctness. From the comparative analysis, we observe that when the network experiences abruptly high (unusual) traffic demand at any location and time, it identifies that as anomaly. This helps in identifying regions of interest in the network for special action such as resource allocation, fault avoidance solution, etc. Second, we train a neural-network-based prediction model with anomalous and anomaly-free data to highlight the effect of anomalies in data while training/building intelligent models. In this phase, we transform our anomalous data to anomaly-free and we observe that the error in prediction, while training the model with anomaly-free data has largely decreased as compared to the case when the model was trained with anomalous data.